Browser-Based Cryptocurrency Mining Makes Unexpected Come back from the Dead, Symantec Blogs

Once thought of spil dead, browser-based cryptocurrency mining makes an unlikely terugwedstrijd, coming back to haunt websites and their visitors.

Highlights of this blog

Attempted, tested, and buried

Browser-based mining, spil its name suggests, is a method of cryptocurrency mining that happens inwards a browser and is implemented using scripting language. This is different compared to the more widely known file-based cryptocurrency mining treatment which involves downloading and running a dedicated executable opstopping.

Browser-based mining dates back to May of 2011 when an innovative service called BitcoinPlus.com wasgoed primarily launched&,#8212,back when Bitcoin wasgoed cheap and mining wasgoed effortless&,#8212,not to be confused with another cryptocurrency known spil Bitcoin Plus.org (XBC). That service wasgoed te many ways remarkably similar to its modern reincarnation, Coinhive. It used JavaScript code for pooled mining and webstek owners could sign up to the service and embed thesis scripts into their web pages to make pagina visitors mine for them. The big difference is that back ter 2011 BitcoinPlus.com, spil its name suggests, mined for Bitcoin (BTC) whereas the current browser-based miners like Coinhive are mining for Monero (XMR)&,#8212,a newer, privacy-focused cryptocurrency. Back te 2011, before the advent of ASIC mining ter 2013, Bitcoin wasgoed still te its infancy, mining difficulty wasgoed relatively low, and cryptocurrency prices were even lower. It wasgoed (just about) possible to do some mining with home-grade hardware.

Even tho’ it wasgoed possible at that time to mine for Bitcoin via BitcoinPlus.com, the reality of the situation wasgoed that it wasgoed largely a futile exercise. The prize wasgoed minuscule compared to the amount of mining power and tens unit required. Of course, this wasgoed back ter the days before Bitcoin prices slok through the roof&,#8212,te June 2011, Bitcoin reached the then lofty heights of almost US$30.

Browser-based cryptocurrency mining activity exploded te the last few months of 2018. After many years of deathly muffle, the catalyst emerges to be the launch of a fresh browser-based mining service te September by Coinhive. This service wraps everything up nicely ter an easy-to-use package for webstek owners and has injected fresh life into an idea that wasgoed long thought of spil dead and buried.

Highlights of this blog

  • Browser-based cryptocurrency mining is not fresh, it’s bot around since at least 2011.
  • A surge ter the cryptocurrency market ter 2018, spil well spil availability of coins that are mineable using huis hardware and easy-to-use JavaScript APIs, has led to a torrent of malicious browser-based mining affecting many well-known and lesser-known websites.
  • Mobile devices have not bot spared from cryptocurrency mining, spil witnessed by a 34 procent increase te the number of mobile apps incorporating cryptocurrency mining code.

Attempted, tested, and buried

Browser-based mining, spil its name suggests, is a method of cryptocurrency mining that happens inwards a browser and is implemented using scripting language. This is different compared to the more widely known file-based cryptocurrency mining treatment which involves downloading and running a dedicated executable opstopping.

Browser-based mining dates back to May of 2011 when an innovative service called BitcoinPlus.com wasgoed originally launched—back when Bitcoin wasgoed cheap and mining wasgoed easy—not to be confused with another cryptocurrency known spil Bitcoin Plus.org (XBC). That service wasgoed te many ways remarkably similar to its modern reincarnation, Coinhive. It used JavaScript code for pooled mining and webstek owners could sign up to the service and embed thesis scripts into their web pages to make pagina visitors mine for them. The big difference is that back ter 2011 BitcoinPlus.com, spil its name suggests, mined for Bitcoin (BTC) whereas the current browser-based miners like Coinhive are mining for Monero (XMR)—a newer, privacy-focused cryptocurrency. Back ter 2011, before the advent of ASIC mining ter 2013, Bitcoin wasgoed still ter its infancy, mining difficulty wasgoed relatively low, and cryptocurrency prices were even lower. It wasgoed (just about) possible to do some mining with home-grade hardware.

Even tho’ it wasgoed possible at that time to mine for Bitcoin via BitcoinPlus.com, the reality of the situation wasgoed that it wasgoed largely a futile exercise. The prize wasgoed minuscule compared to the amount of mining power and tens unit required. Of course, this wasgoed back te the days before Bitcoin prices slok through the roof—in June 2011, Bitcoin reached the then lofty heights of almost US$30.

Figure 1. BitcoinPlus.com wasgoed a browser-based miner for Bitcoin dating from 2011

The case for browser-based mining wasn&,#8217,t looking good. The growing problem of profitability wasgoed made even worse by the enhancing use of ASIC miners. The advent of ASIC miners dragged bitcoin mining out of the field of huis users and into an industrial age predominated by the massive mining farms that wij are more familiar with today. After the demise of Tidbit, the idea of browser-based JavaScript cryptocurrency mining largely died away once again. &,#160,

Despite thesis setbacks, key lessons were learned. The point of a service like Tidbit wasgoed never about single servers or high-end computers doing solo mining. The true power of this service came from scaling up and pooling the potentially massive combined mining power of masses of users with average hardware visiting a webstek. Higher webstek traffic means higher comes back and sooner or zometeen, somebody wasgoed strapped to figure out a better way to get browser mining to work on end users’&,#160,computers more efficiently.

Dawn of the dead

Quick forward to September 2018, the cryptocurrency landscape compared with 2013 had switched drastically. Ter April 2013, the cryptocurrency market only had a handful of coins and the total market capitalization wasgoed just $1.Five billion. The market for cryptocurrency wasgoed enormously limited and illiquid, meaning that even if you got some, it wasgoed not effortless to turn it back into fiat currency for spending. Tegenstelling that with September 2018 when the market capitalization stood at an incredible $166 billion spread overheen more than a thousand different coins.

Together with the diversity of coins to choose from te 2018, there wasgoed also now a diversity of coin prize mechanisms. Some, like Bitcoin, can still only be mined via a proof-of-work (PoW) process using dedicated power-hungry ASIC hardware&,#8212,tho’ there have bot attempts to switch this, with the various hard forks such spil Bitcoin Gold (BTG) and Bitcoin Diamond (BCD), to bring ter GPU mining. Other cryptocurrencies like Monero, Ethereum (ETH), Ethereum Classic (ETC), and Dash (DASH) can be mined using retail-grade GPU hardware found ter many huis computers. There are also some that are more suited to CPU mining, thesis include Monero and Verium Reserve (VRM). The trading environment is massively different too, it&,#8217,s now much lighter to budge inbetween fiat currencies and cryptocurrencies, making the latter more useful and valuable.

It’s against this backdrop that Coinhive released its browser-mining scripts designed to mine Monero, effectively bringing the idea of browser-based mining back from the dead.

News spreads rapid

Coinhive is marketed spil an alternative to browser ad revenue. The motivation behind this is elementary: users pay for the content indirectly by coin mining when they visit the webpagina and webstek owners don’t have to bother users with sites laden with ads, trackers, and all the associated paraphernalia being downloaded to the browser. Users hopefully then get a cleaner, swifter, and potentially less risky webstek (reminisce malvertising?) to use, and everybody is glad. What could go wrong?

Soon after the release of the Coinhive service, the hash rate for the service began to climb, and quickly too. Hash rate is the number of hashes calculated by the combined power of the mining pool and is measured ter the number of hashes vanaf 2nd&,#8212,usually te units of millions (MH/s). Hashing is the process of carrying out cryptographic hash calculations which are used to help process transactions. Miners who participate ter a mining pool get paid a share of income generated by the pool.

According to a blog by Coinhive, the hash rate for their pool climbed from 0 MH/s to Trio MH/s te a duo of days before reaching 13.Five MH/s ter the space of a week. To waterput that into perspective, the total network hash rate (the total amount of mining power for all computers mining) for Monero stood at around 260 MH/s on September 20, 2018. The Coinhive pool reached just overheen five procent of that total which is fairly an achievement ter such a brief time.

Due to this fundamental profitability problem with browser-based mining, it soon withered away. However, the idea wasgoed once again revived te December 2013 by a group of MIT students te a project called Tidbit—ostensibly touted spil an alternative way for webstek owners to raise revenue. Once again, this project didn’t last long, spil soon after it embarked the Fresh Jersey Division of Consumer Affairs stepped ter to investigate the fledgling company on charges of unlawful access to “a person’s rekentuig processing power.” This resulted ter a long drawn out case which wasgoed eventually lodged te 2015.

The case for browser-based mining wasn’t looking good. The growing problem of profitability wasgoed made even worse by the enhancing use of ASIC miners. The advent of ASIC miners dragged bitcoin mining out of the area of huis users and into an industrial age predominated by the massive mining farms that wij are more familiar with today. After the demise of Tidbit, the idea of browser-based JavaScript cryptocurrency mining largely died away once again.

Despite thesis setbacks, key lessons were learned. The point of a service like Tidbit wasgoed never about single servers or high-end computers doing solo mining. The true power of this service came from scaling up and pooling the potentially massive combined mining power of masses of users with average hardware visiting a webstek. Higher webstek traffic means higher comebacks and sooner or straks, somebody wasgoed tied to figure out a better way to get browser mining to work on end users’ computers more efficiently.

Dawn of the dead

Prompt forward to September 2018, the cryptocurrency landscape compared with 2013 had switched drastically. Ter April 2013, the cryptocurrency market only had a handful of coins and the total market capitalization wasgoed just $1.Five billion. The market for cryptocurrency wasgoed enormously limited and illiquid, meaning that even if you got some, it wasgoed not effortless to turn it back into fiat currency for spending. Tegenstelling that with September 2018 when the market capitalization stood at an incredible $166 billion spread overheen more than a thousand different coins.

Together with the diversity of coins to choose from te 2018, there wasgoed also now a diversity of coin prize mechanisms. Some, like Bitcoin, can still only be mined via a proof-of-work (PoW) process using dedicated power-hungry ASIC hardware—though there have bot attempts to switch this, with the various hard forks such spil Bitcoin Gold (BTG) and Bitcoin Diamond (BCD), to bring te GPU mining. Other cryptocurrencies like Monero, Ethereum (ETH), Ethereum Classic (ETC), and Dash (DASH) can be mined using retail-grade GPU hardware found ter many huis computers. There are also some that are more suited to CPU mining, thesis include Monero and Verium Reserve (VRM). The trading environment is massively different too, it’s now much lighter to stir inbetween fiat currencies and cryptocurrencies, making the latter more useful and valuable.

It’s against this backdrop that Coinhive released its browser-mining scripts designed to mine Monero, effectively bringing the idea of browser-based mining back from the dead.

News spreads rapid

Coinhive is marketed spil an alternative to browser ad revenue. The motivation behind this is elementary: users pay for the content indirectly by coin mining when they visit the webpagina and webstek owners don’t have to bother users with sites laden with ads, trackers, and all the associated paraphernalia being downloaded to the browser. Users hopefully then get a cleaner, swifter, and potentially less risky webstek (reminisce malvertising?) to use, and everybody is blessed. What could go wrong?

Soon after the release of the Coinhive service, the hash rate for the service embarked to climb, and quickly too. Hash rate is the number of hashes calculated by the combined power of the mining pool and is measured ter the number of hashes vanaf second—usually ter units of millions (MH/s). Hashing is the process of carrying out cryptographic hash calculations which are used to help process transactions. Miners who participate te a mining pool get paid a share of income generated by the pool.

According to a blog by Coinhive, the hash rate for their pool climbed from 0 MH/s to Three MH/s te a duo of days before reaching 13.Five MH/s ter the space of a week. To waterput that into perspective, the total network hash rate (the total amount of mining power for all computers mining) for Monero stood at around 260 MH/s on September 20, 2018. The Coinhive pool reached just overheen five procent of that total which is fairly an achievement ter such a brief time.

To maximize revenue, the script is best placed on high-traffic websites and &,#34,goopy&,#34,&,#160,websites (where users stay on the same pagina for longer). According to one early adopter, the revenue generated by his particular webpagina wasgoed far lower than the revenue generated from ads.

Ter fairness to Coinhive, it recommends being semitransparent with webpagina visitors and that webstek owners notify users of the mining that will be taking place and, better still, suggest users a way to opt te. Unluckily, despite Coinhive&,#8217,s best intentions, unscrupulous operators quickly latched on to the idea of secret mining te the hope that users will not notice.

Embark of a torrent

The very first high-profile webpagina to commence using Coinhive mining wasgoed The Pirate Bay torrent webstek. The Pirate Bay has had a checkered history and, being a very trafficked webpagina (global ranking #161 with 290 million visitors te the last six months), has bot looking for alternative ways to monetize its considerable traffic. Its initial attempts at browser mining were quickly spotted by users and they were not too glad about it. At least te the case of The Pirate Bay, this wasgoed a case of the webpagina’s owners making a decision to use Coinhive.

Monero can be mined with CPUs and GPUs, but the Coinhive browser-based mining service only works for CPU mining which is a limitation that substantially reduces potential comes back.

To maximize revenue, the script is best placed on high-traffic websites and “gooey” websites (where users stay on the same pagina for longer). According to one early adopter, the revenue generated by his particular webpagina wasgoed far lower than the revenue generated from ads.

Te fairness to Coinhive, it recommends being translucent with webpagina visitors and that webstek owners notify users of the mining that will be taking place and, better still, suggest users a way to opt te. Unluckily, despite Coinhive’s best intentions, unscrupulous operators quickly latched on to the idea of secret mining ter the hope that users will not notice.

Begin of a torrent

The very first high-profile webpagina to commence using Coinhive mining wasgoed The Pirate Bay torrent webstek. The Pirate Bay has had a checkered history and, being a very trafficked webpagina (global ranking #161 with 290 million visitors te the last six months), has bot looking for alternative ways to monetize its considerable traffic. Its initial attempts at browser mining were quickly spotted by users and they were not too glad about it. At least te the case of The Pirate Bay, this wasgoed a case of the webpagina’s owners making a decision to use Coinhive.

The Pirate Bay’s initial attempts at browser mining were quickly spotted by users and they were not too blessed about it.

Reports of many other sites using the Coinhive mining scripts soon followed. Overheen the Thanksgiving holiday ter the U.S., the Coinhive miner wasgoed also found ter a LiveHelpNow widget which is used by many websites around the world to opoffering in-browser support talk sessions. The apparent cause of this wasgoed the compromise of one of the CDN servers used by LiveHelpNow to serve up its widget. Spil with Showtime, LiveHelpNow is already a legitimate revenue-generating business and there’s no demonstrable reason spil to why it would risk user confidence to earn a few reserve bucks from users. So the most likely screenplay is that the server wasgoed compromised either by an outsider, or even an insider.

Browser mining is cropping up ter many other different places too:

&,#Ten,&,#Ten,

    &,#Ten,&,#9,

  • Browser extensions and plugins have already bot found with browser-mining scripts. &,#Ten,&,#9,
  • Even the traditional tech support scam pages are incorporating browser miners into their pages spil an extra revenue stream. The strenuous CPU use caused by mining may actually help coax the user that they have a problem and may increase the chances of users falling for the scam. &,#Ten,&,#9,
  • People have even bot attempting browser mining on parked domains&,#8212,thesis are the kleuter of websites that you can sometimes end up on when you inadvertently misspell a domain name. &,#Ten,

&,#Ten,&,#Ten,

Why is browser mining taking off?

There are many reasons why browser-based mining is back with a vengeance. Unlike te previous failed attempts, latest developments te the cryptocurrency and threat landscapes have made this a much more viable activity. Let’s have a look at some of thesis factors te more detail:

Advent of privacy-focused cryptocurrencies

Privacy is significant if you want to mine coins maliciously, te order to ensure others cannot lightly go after the money trail back to you. Monero, which came to the market ter 2014, can opoffering a high level of transaction privacy. Unlike with most other cryptocurrencies that use public translucent blockchains where transaction addresses can be lightly viewed by anyone, Monero does things differently. By default, everything is private, including the amount te a transaction, who sent it, and who received it. There is an option with which wallet owners can selectively expose some information via what’s called a view key, but this is not a feature that cyber criminals are likely to want to use.

Ease of use

Spil mentioned earlier, Coinhive provides a very neat and easy-to-use package for people to get involved te Monero mining. All you have to do is add a few lines of script to your webstek code. You don’t have to make webstek visitors download and install executable files.

The Pirate Bay wasgoed soon followed by another high-profile site—this time Coinhive’s miner wasgoed found on two of Showtime’s websites. One of the Showtime sites affected wasgoed its content streaming webpagina which has high traffic and user sessions are lengthy spil visitors stay on the webpagina while content is streaming. Showtime is a premium-based service so it would seem strange that users are made to pay twice for content. The scripts were promptly eliminated after they were discovered, suggesting that they were planted there maliciously.

Reports of many other sites using the Coinhive mining scripts soon followed. Overheen the Thanksgiving holiday te the U.S., the Coinhive miner wasgoed also found te a LiveHelpNow widget which is used by many websites around the world to offerande in-browser support talk sessions. The apparent cause of this wasgoed the compromise of one of the CDN servers used by LiveHelpNow to serve up its widget. Spil with Showtime, LiveHelpNow is already a legitimate revenue-generating business and there’s no visible reason spil to why it would risk user confidence to earn a few reserve bucks from users. So the most likely script is that the server wasgoed compromised either by an outsider, or even an insider.

Browser mining is cropping up te many other different places too:

  • Browser extensions and plugins have already bot found with browser-mining scripts.
  • Even the traditional tech support scam pages are incorporating browser miners into their pages spil an extra revenue stream. The intense CPU use caused by mining may actually help woo the user that they have a problem and may increase the chances of users falling for the scam.
  • People have even bot attempting browser mining on parked domains—these are the kleintje of websites that you can sometimes end up on when you inadvertently misspell a domain name.

Why is browser mining taking off?

There are many reasons why browser-based mining is back with a vengeance. Unlike ter previous failed attempts, latest developments ter the cryptocurrency and threat landscapes have made this a much more viable activity. Let’s have a look at some of thesis factors te more detail:

Advent of privacy-focused cryptocurrencies

Privacy is significant if you want to mine coins maliciously, te order to ensure others cannot lightly go after the money trail back to you. Monero, which came to the market te 2014, can suggest a high level of transaction privacy. Unlike with most other cryptocurrencies that use public translucent blockchains where transaction addresses can be lightly viewed by anyone, Monero does things differently. By default, everything is private, including the amount te a transaction, who sent it, and who received it. There is an option with which wallet owners can selectively expose some information via what’s called a view key, but this is not a feature that cyber criminals are likely to want to use.

Ease of use

Spil mentioned earlier, Coinhive provides a very neat and easy-to-use package for people to get involved ter Monero mining. All you have to do is add a few lines of script to your webstek code. You don’t have to make webstek visitors download and install executable files.

Figure Trio. Coinhive JavaScript sample code to fountain and run the browser-based miner. Source: Coinhive.com

The mining process can embark quickly and calmly ter the browser without anybody noticing, unless insufficient throttling is used, te which case the CPU flow may max out during the users’ session which would be an effortless tell-tale for end users to spot.

CPU flow may max out during the users’ session which would be an effortless tell-tale for end users to spot.

With browser-based mining, the cost of mining is borne mostly by the webstek visitors through hardware wear and rip spil well spil energy costs. Scale is achieved by using high-traffic sites with goopy content.

Coinhive presently pays 0.000104 XMR ($0.025) for every million hashes. Take for example a user of a PC with a mid-range Intel i7-7700K CPU which is capable of pushing out around 300 H/s. The user would have to spend Three,333 seconds on the webpagina, or toughly 55 minutes, ter order to achieve a million hashes. However, if you can get Three,333 users to spend approximately one 2nd each on the webpagina it would achieve a similar result.

Even under optimal conditions, the amount of hashes produced te each example will be puny, but when it comes to distributed computing power, it’s all about scale and every little bit adds up.

The cryptocurrency growth factor

Spil wij noted earlier, the value of mining prizes are not good, at least not originally. To get a better understanding, wij need to look at the profitability of this activity overheen the longer term and take te the macroeconomic picture to get a true sense of the prize. The value of cryptocurrencies like Monero is going up dramatically. So far te 2018, the price has gone from $13 to overheen $300. Under thesis circumstances where the price of Monero can go up substantially te dollar terms overheen a relatively brief time, mining Monero can become an attractive proposition. A puny amount of Monero mined today could potentially be worth a good overeenkomst more te a matter of months (conversely it could also druppel significantly depending on the health of the overall cryptocurrency economy).

Mirroring the rising rente and price of cryptocurrency, wij have also seen a big hop te our detections of both file- and browser-based cryptocurrency mining activity ter latest months.

Profitable to mine with common huis hardware, at scale

Even with the price of Monero reaching overheen $300 recently, given the current network hash power of the network at around 300 MH/s, profitable mining is a spel of scale and requires a careful eye on costs.

With browser-based mining, the cost of mining is borne mostly by the webstek visitors through hardware wear and rip spil well spil energy costs. Scale is achieved by using high-traffic sites with gooey content.

Coinhive presently pays 0.000104 XMR ($0.025) for every million hashes. Take for example a user of a PC with a mid-range Intel i7-7700K CPU which is capable of pushing out around 300 H/s. The user would have to spend Trio,333 seconds on the webpagina, or toughly 55 minutes, ter order to achieve a million hashes. However, if you can get Trio,333 users to spend approximately one 2nd each on the webpagina it would achieve a similar result.

Even under optimal conditions, the amount of hashes produced ter each example will be petite, but when it comes to distributed computing power, it’s all about scale and every little bit adds up.

The cryptocurrency growth factor

Spil wij noted earlier, the value of mining prizes are not superb, at least not originally. To get a better understanding, wij need to look at the profitability of this activity overheen the longer term and take te the macroeconomic picture to get a true sense of the prize. The value of cryptocurrencies like Monero is going up dramatically. So far te 2018, the price has gone from $13 to overheen $300. Under thesis circumstances where the price of Monero can go up substantially te dollar terms overheen a relatively brief time, mining Monero can become an attractive proposition. A petite amount of Monero mined today could potentially be worth a good overeenkomst more te a matter of months (conversely it could also druppel significantly depending on the health of the overall cryptocurrency economy).

Mirroring the rising rente and price of cryptocurrency, wij have also seen a big leap ter our detections of both file- and browser-based cryptocurrency mining activity ter latest months.

Figure Four. Chart showcasing the rising price of Monero and detections of all types of cryptocurrency mining malware (file- and browser-based)

Mining on the go

Malicious cryptocurrency mining isn’t just restricted to desktop computers and servers. Always-connected mobile devices are also a growing target. Wij have even seen growth ter coin mining on mobile phones ter latest years. Ter 2016, wij discovered 26 different Android apps that were mining cryptocurrencies. So far ter 2018 wij have found 35, which is around a 34 procent increase.

Figure Five. The number of Android mobile apps with cryptocurrency miners is also on the rise

What does the future hold?

If wij consider the cryptocurrency market spil entire, wij can see that just spil the total value of cryptocurrencies enhanced manifold during the year, rente ter malicious mining activity, both browser- and executable-based spil indicated by detections of malicious mining activity, enhanced te tandem with it.

Spil rente increases, more participants, both spil miners and implement makers, join the fray. Coinhive, while being the best known at this time, doesn’t have the market to itself. Similar projects like Crypto Twijg are cropping up, and other browser mining projects like JSEcoin have bot te beta since August 2018 and are attempting to generate growth te this activity.

Symantec has observed a significant leap te all cryptocurrency mining activity ter latest months spil evidenced ter our enhancing detection rate (See Figures Four and Five). Despite the genuine aspirations of most browser mining projects to opoffering a real and potentially better alternative to traditional web revenue generation methods, the sad reality is, it can and is being misused.

Enhancing user awareness and detection by security vendors will trigger a fresh arms wedloop inbetween cyber criminals and defenders. Latest innovations ter the malicious use of browser-based mining scripts, such spil the &,#34,pop-under&,#34,&,#160,technology where browser mining takes place te a hidden browser window, are a sign of this te act. Wij can expect to see adoption of a broad range of traditional malware propagation and evasion technics to help spread and prolong mining activity ter order to maximize profit. For spil long spil the current enabling factors are ter place making it favorable for mining, wij can expect to see rente ter browser mining to be sustained or even increase te the brief to medium term.

Modern mobile phones have processors that can be spil powerful spil low- to mid-range desktop computers which help to make mobile mining more viable. But cryptocurrency mining is always an energy-intensive activity so the fattest problem facing mobile mining is of course battery drain spil battery technology has not progressed spil rapid spil processing power. Mobile mining will inevitably be noticed by the fever generated and the fast-draining battery, not to mention any spectacle impacts that it may also have on the device.

What does the future hold?

If wij consider the cryptocurrency market spil entire, wij can see that just spil the total value of cryptocurrencies enhanced manifold during the year, rente ter malicious mining activity, both browser- and executable-based spil indicated by detections of malicious mining activity, enhanced te tandem with it.

Spil rente increases, more participants, both spil miners and device makers, join the fray. Coinhive, while being the best known at this time, doesn’t have the market to itself. Similar projects like Crypto Lotsbestemming are cropping up, and other browser mining projects like JSEcoin have bot te beta since August 2018 and are attempting to generate growth te this activity.

Symantec has observed a significant hop te all cryptocurrency mining activity te latest months spil evidenced te our enlargening detection rate (See Figures Four and Five). Despite the genuine aspirations of most browser mining projects to opoffering a real and potentially better alternative to traditional web revenue generation methods, the sad reality is, it can and is being misused.

Enhancing user awareness and detection by security vendors will trigger a fresh arms wedren inbetween cyber criminals and defenders. Latest innovations te the malicious use of browser-based mining scripts, such spil the “pop-under” mechanism where browser mining takes place te a hidden browser window, are a sign of this ter act. Wij can expect to see adoption of a broad range of traditional malware propagation and evasion mechanisms to help spread and prolong mining activity te order to maximize profit. For spil long spil the current enabling factors are ter place making it favorable for mining, wij can expect to see rente te browser mining to be sustained or even increase ter the brief to medium term.

Webstek owners should witness for injection of the browser-mining scripts into their webstek source code. Our network solutions can help you spot this te the network traffic spil your server communicates with visitors. Ter addition, opstopping system scans can also vertoning up any files where the browser-based miner code has bot injected, enabling you to identify and clean up the content.

Symantec helps prevent others from stealing your computing resources by protecting various stages of the attack chain:

Blocking network traffic associated with browser-mining activity

All mining software, whether it is file- or browser-based, voorwaarde be able to connect to either the cryptocurrency network or a mining pool to exchange gegevens, ter other words its proof-of-work. Without this connection, it cannot get the gegevens it needs to generate hashes, rendering it worthless. Wij can also block the mining scripts from being downloaded te the very first example. Our network protection operates on our endpoint solutions spil well spil our gateway and cloud touch points, all thesis solutions help build a solid defense against unwanted mining activity.

Here are some of the network protection signatures geared towards detection of browser-based mining:

Blocking browser mining activity on endpoints

Our endpoint solutions, including those for mobile devices, can detect and block all types of mining activity whether they are file-based or in-browser. Thesis solutions can prevent mining software from installing or running te the very first example. Browser-based mining scripts are detected spil PUA.JScoinminer.

How Symantec helps prevent browser mining

Symantec is keeping a watchful eye on the growing trend of browser mining. Wij are making adjustments spil necessary to prevent unwanted cryptocurrency miners from stealing your computing resources to enrich others.

Webstek owners should witness for injection of the browser-mining scripts into their webstek source code. Our network solutions can help you spot this te the network traffic spil your server communicates with visitors. Ter addition, verkeersopstopping system scans can also vertoning up any files where the browser-based miner code has bot injected, enabling you to identify and clean up the content.

Symantec helps prevent others from stealing your computing resources by protecting various stages of the attack chain:

Blocking network traffic associated with browser-mining activity

All mining software, whether it is file- or browser-based, vereiste be able to connect to either the cryptocurrency network or a mining pool to exchange gegevens, te other words its proof-of-work. Without this connection, it cannot get the gegevens it needs to generate hashes, rendering it worthless. Wij can also block the mining scripts from being downloaded te the very first example. Our network protection operates on our endpoint solutions spil well spil our gateway and cloud touch points, all thesis solutions help build a solid defense against unwanted mining activity.

Here are some of the network protection signatures geared towards detection of browser-based mining:

Related movie: Satoshi Miner não paga


Leave a Reply

Your email address will not be published. Required fields are marked *